require_once PATH_CORE . 'setup.inc.php'; require_once PATH_CORE . 'xml.inc.php'; $C_debug = new CORE_debugger(); $C_setup = new CORE_setup(); $C_sess = new CORE_session(); $C_sess->session_constant(); $C_translate = new CORE_translate(); $C_method = new CORE_method(); if (isset($VAR['_login']) && isset($VAR['_username']) && isset($VAR['_password'])) { require_once PATH_CORE . 'login.inc.php'; $C_login = new CORE_login_handler(); $C_login->login($VAR); } elseif (isset($VAR['_logout'])) { require_once PATH_CORE . 'login.inc.php'; $C_login = new CORE_login_handler(); $C_login->logout($VAR); } $C_sess->session_constant_log(); $force = false; $C_auth = new CORE_auth($force); $smarty = new Smarty(); $C_list = new CORE_list(); $C_block = new CORE_block(); for ($i = 0; $i < count(@$_SERVER["argv"]); $i++) { if (@$_SERVER["argv"][$i] == "_task=1") { $VAR['_task'] = 1; } } if (isset($VAR['_task'])) { require_once PATH_MODULES . 'task/task.inc.php'; $task = new task();
function login($VAR) { global $C_auth; # Check for target user $display_this = false; if (!empty($VAR['account_id'])) { ### Get any authorized groups of the target account $dba =& DB(); $sql = 'SELECT group_id FROM ' . AGILE_DB_PREFIX . 'account_group WHERE site_id = ' . $dba->qstr(DEFAULT_SITE) . ' AND account_id = ' . $dba->qstr($VAR['account_id']) . ' AND active = ' . $dba->qstr("1") . ' ORDER BY group_id'; $groups = $dba->Execute($sql); while (!$groups->EOF) { $group[] = $groups->fields['group_id']; $groups->MoveNext(); } ### Verify the user has access to view this account: if (SESS_ACCOUNT != $VAR['account_id']) { $display_this = true; for ($ix = 0; $ix < count($group); $ix++) { if (!$C_auth->auth_group_by_id($group[$ix])) { $display_this = false; } } } else { return false; } } else { return false; } # Logout current user and login as the target user if ($display_this) { $db =& DB(); $sql = 'SELECT username,password FROM ' . AGILE_DB_PREFIX . 'account WHERE site_id = ' . $dba->qstr(DEFAULT_SITE) . ' AND id = ' . $dba->qstr($VAR['account_id']); $acct = $db->Execute($sql); $arr['_username'] = $acct->fields['username']; $arr['_password'] = $acct->fields['password']; include_once PATH_CORE . 'login.inc.php'; $login = new CORE_login_handler(); $login->logout($VAR); $login->login($arr, $md5 = false); define('REDIRECT_PAGE', '?_page=account:account&tid=' . DEFAULT_THEME); } #################################################################### ### Do any db_mapping #################################################################### $db =& DB(); $sql = 'SELECT id FROM ' . AGILE_DB_PREFIX . 'module WHERE site_id = ' . $db->qstr(DEFAULT_SITE) . ' AND name = ' . $db->qstr('db_mapping') . ' AND status = ' . $db->qstr("1"); $result = $db->Execute($sql); if ($result->RecordCount() > 0) { include_once PATH_MODULES . 'db_mapping/db_mapping.inc.php'; $db_map = new db_mapping(); $db_map->login($VAR['account_id']); } }